tagline: Confidence in the Connected World
CIS Logo
HomeResourcesAdvisoriesA Vulnerability in Apple iOS Could Allow for Arbitrary Code Execution

A Vulnerability in Apple iOS Could Allow for Arbitrary Code Execution

MS-ISAC ADVISORY NUMBER:

2017-033

DATE(S) ISSUED:

04/04/2017

OVERVIEW:

A vulnerability has been discovered in Apple iOS, which could allow for arbitrary code execution. This vulnerability can be exploited by anyone within Wi-Fi range of the affected device. Successful exploitation of this vulnerability could result in arbitrary code execution within the context of the Wi-Fi chip. Depending on the privileges associated with the Wi-Fi chip, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If the Wi-Fi chip has been configured to have fewer user rights on the system, exploitation of this vulnerability could have less impact than if it was configured with administrative rights.

THREAT INTELLIGENCE:

There are currently no reports of these vulnerabilities being exploited in the wild.

SYSTEMS AFFECTED:

  • iOS Versions prior to 10.3

RISK:

Goverment:
  • Large and medium government entities: HIGH
  • Small government entities: MEDIUM
Businesses:
  • Large and medium business entities: HIGH
  • Small business entities: MEDIUM
Home Users:
HIGH

TECHNICAL SUMMARY:

A vulnerability has been discovered in Apple iOS, which could allow for arbitrary code execution. This vulnerability can be exploited by anyone within Wi-Fi range of the affected device. Continuous sending of specially crafted wireless frames can cause an overflow of the firmware stack, allowing for a buffer overflow to occur. (CVE-2017-6975)

Successful exploitation of this vulnerability could result in arbitrary code execution within the context of the Wi-Fi chip. Depending on the privileges associated with the Wi-Fi chip, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If the Wi-Fi chip has been configured to have fewer user rights on the system, exploitation of this vulnerability could have less impact than if it was configured with administrative rights.

RECOMENDATIONS:

We recommend the following actions be taken:

  • Apply appropriate patches provided by Apple to vulnerable systems immediately after appropriate testing.

REFERENCES:

Get Email Updates When Cyber Threats Like This Arise

Arrow Subscribe to Advisories